FBI Insists It's Not Trying To Set A Precedent, But Law Enforcement Is Drooling Over Exactly That Possibility
from the going-to-court-to-force-you-to-hack-your-customers dept
In Jim Comey's defensive blog post over the weekend, he insisted that the FBI was absolutely not doing this to set a precedent or to do anything other than get into a single phone:The San Bernardino litigation isn't about trying to set a precedent or send any kind of message....Yeah, except that's clearly bullshit. They absolutely want the precedent, and if the FBI's PR strategy is to now insist this precedent won't be useful beyond this case, perhaps it should have coordinated those talking points with others in law enforcement. Because if you talk to them, they're happy to tell everyone just how badly they want this precedent so they, too, can demand Apple build hacking tools into iPhones. Jenna McLaughlin at The Intercept has put together examples of law enforcement people practically drooling over the possibilities that will be opened up should the FBI win.
The particular legal issue is actually quite narrow. The relief we seek is limited and its value increasingly obsolete because the technology continues to evolve. We simply want the chance, with a search warrant, to try to guess the terrorist's passcode without the phone essentially self-destructing and without it taking a decade to guess correctly. That's it. We don't want to break anyone's encryption or set a master key loose on the land.
And then of course, there's Cyrus Vance, the Manhattan DA who also has been quite vocal in asking for backdoors into encryption, who has admitted that he basically wants the same power the FBI is now trying to exert. And, meanwhile, Senator Richard Burr used the Apple case as a keying off point to try to push for legislation he's been working on for a while that would effectively mandate such backdoors.In Suffolk County, Massachusetts, district attorney’s office spokesperson Jake Wark said prosecutors “can’t rule out” bringing their own case of a locked cellphone before a judge, too. “It may be a question of finding the right case,” he told the Wall Street Journal.
“It’s going to have significant ramifications on us locally,” Matt Rokus, deputy chief of Wisconsin’s Eau Claire Police Department, told the city’s Leader-Telegram newspaper on Monday.
In South Dakota, Minnehaha County State’s Attorney Aaron McGowan told the Sioux Falls Argus Leader that “the court’s ruling could have a significant impact on conducting sensitive criminal investigations.”
So it's fairly difficult to believe the FBI and Director Comey when not only does everyone know he's lying, but his friends and colleagues in law enforcement can't even be bothered to play along with the script.
Update: Oh, and even the DOJ is off-script as well. It's now being reported that the DOJ is currently seeking similar orders on 12 more iPhones. So, yeah, Comey's flat out lying.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cyrus vance, doj, encryption, fbi, going dark, james comey, law enforcement, police, precedent
Companies: apple
Reader Comments
Subscribe: RSS
View by: Time | Thread
"Dangit you lot, you're supposed to wait before celebrating!"
Just a little difficult to get people to buy the 'There's no point in focusing on what the precedent from the case might do, that's not important right now' argument after all when you've got people chomping at the bit to use that very precedent, making it very much an important consideration.
[ link to this | view in chronology ]
We're going to need a chart here...
[ link to this | view in chronology ]
The Floodgates Open
[ link to this | view in chronology ]
Re: The Floodgates Open
[ link to this | view in chronology ]
Re: Re: The Floodgates Open
[ link to this | view in chronology ]
"They don't call us citizens in internal documents anymore"
[ link to this | view in chronology ]
Re: Re: The Floodgates Open
[ link to this | view in chronology ]
Re: The Floodgates Open
Suppose that hardware provider is also a defense contractor. The foreign country then uses the backdoor they are given to break into secure US military or government systems.
Who is guilty of espionage if that happens? Certainly the foreign government is, but is the hardware manufacturer also guilty?
And how much harm could unfettered access to top secret databases cause before the backdoor could be pulled again? This isn't just the wet dream of law enforcement here, this has national security consequences as well.
[ link to this | view in chronology ]
Weather they plan for it to be a precedent or not, it will become one as the iron has barely warmed up, we see they are already chomping at the bit to do it with more cases.
[ link to this | view in chronology ]
No Suprise
No matter how much people bitch about it they keep voting for it. If people actually gave a shit about liberty more candidate like Rand Paul would still be in the race.
Either way, this nation is heading out the door, we are nothing like we once where. Things have been so damn peaceful and nice we are not even able to see what true evil is and plan to give every last part of this nation to that evil for political and social expedience.
[ link to this | view in chronology ]
Re: No Suprise
[ link to this | view in chronology ]
Not bothering to play along
Law enforcement, lately, has become famous for “parallel reconstruction”. Apple, though, is noted for the famous Apple “reality distortion field”.
Do we want real security — or do we want marketing hype? If the smartphone pin does not have enough entropy to prevent a brute force attack on data at rest, then there's a non-ignorable threat to the privacy of that data at rest. Are all these people really going to try to sell me on the idea that the NSA can't crack that phone without Apple's help? I'm not buying it.
It seems fairly likely to me that the government already knows what's on that phone. Now Apple and the FBI are just trying to come up with a cover story for how the government already knows what's on the phone. Or a cover story for how the government denies it knows what's on the phone, and must have acquired the intelligence some other way. Either way, a cover story that'll help preserve Apple's market position. Either way, a cover story that'll have people buying into the lie that Apple phones protect their privacy.
Insecurity from a pin without enough entropy meets “parallel reconstruction” and “reality distortion field”. Most people can't do the math.
But why should people who can do the math bother to play along?
[ link to this | view in chronology ]
Re: Not bothering to play along
Apple has helped to mitigate this entropy with other security features such as delays between attempts and "self-destructing" data after too many attempts. Those features reintroduce entropy into the mix by stretching out how long it takes to crack that PIN or by forcing them to give up as it becomes unrecoverable.
[ link to this | view in chronology ]
Re: Re: Not bothering to play along
[ link to this | view in chronology ]
Re: Re: Re: Not bothering to play along
Delays between attempts makes it longer for the encryption to be cracked.
Data self-destruction makes it longer or impossible for the data to be recovered.
At least that's been my understanding. Where am I wrong in that? (And I ask that not out of spite, if I'm wrong, I do want to know how.)
[ link to this | view in chronology ]
Re: Re: Re: Re: Not bothering to play along
Look, there's the data to to be decrypted. That encrypted blob can be captured and preserved.
There's the weak pin. That can be brute forced.
There's the algorithm to derive the key from the pin and a hardware secret. That's known. Or at least sufficiently knowable.
All that's left is the hardware secret. You're telling me that you can't obtain the hardware secret from the hardware? Bullshit. If worst comes to worst, you can pull out every functional block except for the key derivation, and probe against that, not worrying about destroying the data which you preserve elsewhere.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Not bothering to play along
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Not bothering to play along
They have better people than me. I'm acquainted with a few of them.
[ link to this | view in chronology ]
Re: Re: Re: Re: Not bothering to play along
When we're dealing with actual values selected from the pinspace and hwidspace, we should talk about “surprisal”.
[ link to this | view in chronology ]
Re: Re: Not bothering to play along
[ link to this | view in chronology ]
What a slimeball
[ link to this | view in chronology ]
Foot in the door and all that
[ link to this | view in chronology ]
Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Re: Is it possible for Apple to perfectly secure their phones?
Most people may not be willing to memorize something like: (Just generated with 126 bit strength.)
Even if people are willing to memorize a meazly 21 characters (modified base64), they may not be willing to type it in on a smartphone keypad.
So where does that leave us? Apple could make it possible for you to carry around a secret like that on a second piece of hardware. Perhaps a micro-USB dongle. But if that hardware falls into the wrong hands, it's still game over.
[ link to this | view in chronology ]
Re: Re: Is it possible for Apple to perfectly secure their phones?
What the iPhone does instead, is make the user key in her password on phone startup and then she can log in via thumbprint.
That's when the fridge-logic hit me: you never want your extremity (or an eye) to be worth more than you are.
[ link to this | view in chronology ]
Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Re: Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Re: Re: Is it possible for Apple to perfectly secure their phones?
Neither is Apple's code signing key necessary for China, or Russia. Probably not needed for the UK, Germany nor France, as well. And who knows who else? I don't discount Arab contributions to mathematics, although that was mainly in the midieval period, when Europe was stagnant. Oh, yeah, don't forget India. There have been some very good Indian mathematicians, and their engineering is good enough to get to Mars these days.
[ link to this | view in chronology ]
Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
Neither is Apple's code signing key necessary for China, or Russia. Probably not needed for the UK, Germany nor France, as well.
References for any of that?
[ link to this | view in chronology ]
Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
Sorry, but I can't take you through a CS or EE education in a few comments. I'm not even going to try. It takes a few years of hard work to learn the basics.
If you don't have the fundamental background, then you're just stuck with taking things on faith here. In which case, you might as well just believe the marketdroids. The vast majority of people will anyhow. And I guess there's safety in numbers for y'all.
Otoh, if you're comfortable with emulation and simulation and so on, then here's a comment from someone over at Ars. I don't know that guy, and maybe he does what he says he does, and maybe he doesn't. But read the comment.
[ link to this | view in chronology ]
TPMs
I figured that on start up it checks its own flashmem and if blank creates a pseudo-random UID, and the idea is that no-one ever gets to see the UID. You just enter the user's PIN and it creates an AES key if all other conditions are nominal.
So (and this is just a guess from an old-timer) the matter is tricking the TPM to think conditions are nominal after you drop it in an emulator...or to trick it into thinking you're just doing some diagnostics.
That's the thing. Computers can't tell if you're an Apple tech, and FBI tech or a black hat, which is why I expect any given TPM design will only be secure for a limited amount of time before someone hacks it.
[ link to this | view in chronology ]
Re: TPMs
[ link to this | view in chronology ]
Re: Re: TPMs
Thanks for the link.
[ link to this | view in chronology ]
Re: Re: Re: TPMs
[ link to this | view in chronology ]
TPMs
Which is usually considered an acceptable level of security.
Though this guy was inventing the process as he went, so it raises the question of how slow it will be with a functional process.
Still, it gives us hope that we can have difficult-to-unlock data storage where even the manufacturers can't bust in.
But I think an actual going dark would be a benefit to society.
[ link to this | view in chronology ]
Re: TPMs
[ link to this | view in chronology ]
Re: Re: TPMs
If you're not an ordinary shlub, say a VIP or a terrorist, then your data is worth more, and agencies / hackers might be more inclined to go the extra mile.
The problem is when robust security becomes easy to crack, due to an exploit or a new technique... which is exactly what Apple is trying to prevent by refusing to cooperate with the FBI.
If we can't live in a society in which justice prevails, I think we at least want consistency.
[ link to this | view in chronology ]
Re: Re: Re: TPMs
GIGO.
[ link to this | view in chronology ]
Misstating the state of the art
Apple can cooperate with the FBI in one way, and refuse to cooperate in another way without it being inconsistent.
I may agree with Hitler that every family should be able to afford an automobile, yet disagree with him that some people are unworthy of living and should be massacred.
[ link to this | view in chronology ]
Re: Misstating the state of the art
If Apple really doesn't want to write and sign code for the government's hack in this case, then it would further that interest to point out that the government doesn't require Apple's assistance to obtain the decrypt.
[ link to this | view in chronology ]
[Apple could] point out that the government doesn't require Apple's assistance to obtain the decrypt.
I am not privy to all of Apple's motivations nor how conscious the company is being. I do know it has neither moral obligation nor community-related cause to give FBI any help.
Rather, Apple has plenty of reasons to avoid helping the FBI in any way (or US law enforcement in general), except when it is forced by law and gunpoint to do so.
[ link to this | view in chronology ]
Re: [Apple could] point out that the government doesn't require Apple's assistance to obtain the decrypt.
Let me narrow it: Apple has no moral obligation to tell the American people that if they choose a pin from a pinspace with insufficient entropy, that Apple has the power to protect their secret anyway. Apple, as a corporate citizen, has no moral obligation to lie about the state of the art in reverse engineering, nor to lie to people about mathematics.
If the pin is too short, and the hardware falls into the hands of a major nation-state adversary, it's game over.
[ link to this | view in chronology ]
...if they choose a pin with insufficient entropy...
I'm not sure if password hygiene is common enough smartphone protocol that Apple should need to advise those who are likely targets.
My experience since 2013 has been that few people really care that much about being surveilled by the NSA (or by the FBI for that matter) and don't care enough to concern themselves with encrypting their phones unless they have vested interests in their secrets (such as with a business phone, or paranoids like myself who think state-subversive thoughts).
It took a while to get people aware that they had things to hide. It took them a while to realize that they can, even if not doing anything criminal, can still wind up victims of Law Enforcement.
So the folks in Apple have to guess at what is publicly apt as well as what is good for them as a company.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
Yes.
Otoh, if you're comfortable with emulation and simulation and so on, then here's a comment from someone over at Ars.
I don't do hardware so I didn't totally follow everything, but interesting. And reading the article and some of the other comments gives a clearer picture of what's going on (for me at least).
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
Then too, you understand that a simulation of one machine is not necessarily an exact emulation of that machine? So that if one machine has a check for signed code, a simulation might leave that check out?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
The difficulty in this case is not making or using an emulator, it's in getting the secret out of the target device.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
• iPhone 5c Teardown, showing A6 processor.
• Apple A6 Teardown
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
iOS Security Guide, p.7 The target device has an A6, and thus, no “Secure Enclave”.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Re: Re: Re: Is it possible for Apple to perfectly secure their phones?
[ link to this | view in chronology ]
Not Destroyed, Data Recovered
Since they apparently attempted to destroy those phones and not the one owned by SBC, THEY thought those had all the stuff they wanted to hide on them, and not this one. The logical conclusion from that information is that yes, Comey wants a precedent and does not actually expect to learn anything from breaking into this phone. Being allowed to get into this phone then allows them to get into, well, any phone with like issues.
[ link to this | view in chronology ]
I am trying to figure out a way you could lay it on any thicker, but I think you have gotten full and total bullshit coverage on this one.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
"Comey's flat out lying."
[ link to this | view in chronology ]
I look at how law enforcement treats the rights of it's citizens with open contempt. care almost nothing about the laws they enforce but constantly break themselves.
That's third world country stuff right there. If there was no chance at all law abiding citizens could be armed I think things would be worse than soviet style russia for the average american.
[ link to this | view in chronology ]
Moot Point
We all know "metadata" is there for the FBI's taking -- they already know who they communicated with --even on the destroyed devices.
What could possibly be in existence *only* on that employer-owned device that could be useful?
[ link to this | view in chronology ]
Re: Moot Point
Which means the 4th amendment doesn't come into play. This could be their best chance.
[ link to this | view in chronology ]
[ link to this | view in chronology ]